The complicated interworking of players/parties and technology, embedded in society's legal and cultural context, implies that cybercrime research should consists of (and preferably integrate) multiple disciplines: it must understand the 'business' case behind the crime, the associated legal complexities in cyber space, the social and psychological enablers, the means and effectiveness of deterrence, the technology of the cyber systems, as well as the intricate relation between all of these. As a consequence, the Network aims to be highly interdisciplinary, bringing together researchers from all the mentioned disciplines, with roughly equal emphasis on technologists (computer scientists, engineers) and non-technologists (lawyers, social scientists and psychologists).
Technology-wise, the Network aims to help in the coordination of 'practical security' or 'applied security' (for lack of better terms) research. Practical and applied security research thrives best if it is done in collaboration with the parties that eventually are targeted to use the research results. Interaction between researchers and end users is useful in the design stage (from requirements capturing to more 'intimate' user- and experience- driven design), in the development stage (through continuous feedback) and in the technology transfer stage. The Network proposes innovative ways to get researchers and end users together (professionally run workshop, actors for role playing, etc.), and encourages and supports its members to innovate in the ways it interacts with end users.
The programme of networking is defined in two dimensions: time and space, as follows:
- In 'time', we identify a first phase (18 months nominally) to initiate interaction and a second phase (also 18 months as a first estimate) to deliver results that help future research. In the first 18 months, the idea is to organise workshops and other events that bring together researchers and end users in order to understand the challenges faced in tackling cybercrime fully and to develop sound solutions. To achieve this, we will indeed need to put the emphasis on the end users in the first stage. The second 18 months will carry out consolidated workshops based on the lessons learnt in the first 18 months, and the emphasis will be shifted towards research and the establishment of research proposals and new networks, among others.
- In 'space', the Network will have a number of Themes, each with its own leader and set of networking activities. We predefine three Themes to kick things off, but Network participants will have the opportunity to develop additional Themes (or even modify or tailor the existing ones) within the above framework. We identify the Themes as: (i) Internet safety, (ii) usable security, and (iii) cloud. The three user groups that we have identified so far are (i) victims, (ii) law enforcement, and (iii) SMEs, enterprises and organisation. We expect involvement of these end users in each Theme.
|